公开(公告)号：US08825526B2

公开(公告)日：2014-09-02

申请号：US11927130

申请日：2007-10-29

申请人： Marcia L. Peters ,  James M. Mathewson, II ,  John R. Hind

发明人： Marcia L. Peters ,  James M. Mathewson, II ,  John R. Hind

IPC分类号： G06Q30/02

CPC分类号： G06Q30/02 ,  G06Q30/0255 ,  G06Q30/0267 ,  G06Q30/0277

摘要： A method and system for providing targeted advertising in public places and carriers such as trains, buses, train stations, shopping malls, airports, etc. The demographics, purchasing history and/or personal preferences of individuals in the public place are collected from personal digital assistants (PDAs) or other wireless communication devices carried by the individuals in the public place or public carrier. The collected data pertaining to a group of individuals who are present near the display device, is processed and used to select appropriate advertisements that would most likely interest that group of individuals. The selected advertisements are displayed on the display device located in the public place or public carrier so as to provide targeted advertising to the group of individuals.

摘要翻译： 在公共场所以及列车，公交车，火车站，商场，机场等公共场所和运营商提供有针对性的广告的方法和系统。公众场所个人的人口统计，采购历史和/或个人喜好从个人数字 助理（PDA）或其他无线通信设备由个人在公共场所或公共运营商承载。 收集的与出现在显示设备附近的一组个人有关的数据被处理并用于选择最可能对该组个人感兴趣的适当的广告。 所选择的广告被显示在位于公共场所或公共运营商的显示装置上，以向个人群体提供有针对性的广告。

公开(公告)号：US07213071B2

公开(公告)日：2007-05-01

申请号：US09825078

申请日：2001-04-03

申请人： Roberto DeLima ,  John R. Hind ,  Marcia L. Peters

发明人： Roberto DeLima ,  John R. Hind ,  Marcia L. Peters

IPC分类号： G06F15/16

CPC分类号： H04L41/147 ,  H04L67/02 ,  H04L67/322

摘要： Methods, systems, computer program products, and methods of doing business by improving quality of service (“QoS”) in network exchanges comprising a plurality of related request and response messages. A TQoS (“transactional QoS”) cookie is defined, which is used to store information needed when controlling response time (and perhaps other QoS factors as well) for messages exchanged with a particular client. In preferred embodiments, this QoS information comprises a relative priority for these related messages and an available bandwidth for transmitting messages to the client. The disclosed techniques enable applying consistent QoS requirements for delivery of all the related Web objects comprising a transaction. No changes are required on client devices or in client software, and there is no dependency on a client to support cookies.

摘要翻译： 方法，系统，计算机程序产品和通过提高包括多个相关请求和响应消息的网络交换服务质量（“QoS”）来进行业务的方法。 定义了TQoS（“事务性QoS”）cookie，用于在与特定客户端交换的消息控制响应时间（以及可能的其他QoS因素）时存储所需的信息。 在优选实施例中，该QoS信息包括这些相关消息的相对优先级和用于向客户端发送消息的可用带宽。 所公开的技术使得能够对包括事务的所有相关Web对象的传送应用一致的QoS要求。 在客户端设备或客户端软件中不需要进行任何更改，并且客户端不依赖于支持Cookie。

公开(公告)号：US06978367B1

公开(公告)日：2005-12-20

申请号：US09422492

申请日：1999-10-21

申请人： John R. Hind ,  Marcia L. Peters ,  Brad B. Topol

发明人： John R. Hind ,  Marcia L. Peters ,  Brad B. Topol

IPC分类号： G06F1/28 ,  G06F21/00 ,  H04L29/06

CPC分类号： H04L63/20 ,  G06F21/577 ,  G06Q20/3821 ,  G06Q20/3829 ,  H04L63/0428 ,  H04L63/06 ,  H04L63/102 ,  H04L63/105 ,  H04L63/168

摘要： A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or “XSL”, processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or “XML”, document) carrying key-distribution material, such that by using an augmented document processor (e.g. an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.

摘要翻译： 一种用于使用样式表处理选择性地加密文档的一个或多个元素的方法，系统和计算机程序产品。 公开了一种策略驱动的增强样式表处理器（例如可扩展样式表语言或“XSL”处理器），其创建携带密钥分发材料的选择性加密的文档（例如可扩展标记语言或“XML”文档） ，使得通过使用增强的文档处理器（例如增强的XML处理引擎），代理人可以仅恢复其被授权的信息元素。 与文档相关联的文档类型定义（DTD）或模式被修改，使得DTD或模式指定对要应用于文档元素的存储的安全策略的引用。 每个文档元素可以指定不同的安全策略，使得可以不同地加密单个文档的不同元素（并且一些元素可以保持未加密）。 密钥分发材料使得文档被加密以供在文档创建时未知的受众解密，并且使得能够访问要为多个用户和/或用户组控制的单个加密文档的不同元素。 以这种方式，通过让更多的人更容易地访问他们获得授权的信息，同时保护敏感数据免受未经授权的代理人的改进，可以改善团队合作。 还定义了关键恢复技术，由此整个文档可以由授权代理进行解密，而不管不同元素最初被加密以及应用于这些元素的访问保护。

公开(公告)号：US06918039B1

公开(公告)日：2005-07-12

申请号：US09573859

申请日：2000-05-18

申请人： John R. Hind ,  Marcia L. Peters

发明人： John R. Hind ,  Marcia L. Peters

IPC分类号： G06F21/00 ,  H04K1/00 ,  H04L9/00 ,  H04L29/06 ,  G06F11/30 ,  G06F12/14 ,  H04L9/32

CPC分类号： H04L63/0428 ,  G06F21/6218 ,  G06F2221/2111 ,  G06F2221/2113 ,  H04K1/00 ,  H04L9/00 ,  H04L2209/76 ,  H04L2209/80

摘要： A method and an apparatus in a data processing system detects the presence of sensitive data and renders this data in a secured manner. The data processing system may be any device with information presentation capability which can receive data from a network. Detecting a need for secured rendering may include recognition that the data was encrypted, tags in the data indicating a level of secured rendering, or various forms of pre-arrangement between the sender and the recipient. Ways to determine if the recipient is in a secured environment include detection of conversations in the environment, video images showing people in the environment, analysis of infrared signals, determining the location of the data processing system using GPS or similar means, or interaction with an authenticated user. The means for rendering may be specified in the data, may be determined by the recipient, may be determined by pre-agreement between the sender and recipient, or may be based on the capability of the data processing system. Secured rendering means include, but are not limited to, display of data in a visual format that requires a special lens for detection, speaking the data into a speaker device in an ear canal of the recipient, or use of a special coded format known only to the recipient.

摘要翻译： 数据处理系统中的方法和装置检测敏感数据的存在并以安全的方式呈现该数据。 数据处理系统可以是可以从网络接收数据的具有信息呈现能力的任何设备。 检测对安全渲染的需要可以包括：数据被加密的识别，指示安全渲染级别的数据中的标签，或发送者和接收者之间的各种形式的预先安排。 确定接收者是否处于安全环境中的方法包括：检测环境中的对话，在环境中显示人的视频图像，红外信号的分析，使用GPS或类似装置确定数据处理系统的位置，或与 认证用户。 用于呈现的装置可以在数据中指定，可以由接收者确定，可以通过发送者和接收者之间的预先协商来确定，或者可以基于数据处理系统的能力。 安全渲染装置包括但不限于以视觉格式显示需要特殊镜头进行检测的数据，将数据说明在接收者的耳道中的扬声器装置中，或使用仅仅被公认的特殊编码格式 给收件人

公开(公告)号：US20130007225A1

公开(公告)日：2013-01-03

申请号：US13535878

申请日：2012-06-28

申请人： Christopher A.S. Gage ,  John R. Hind ,  Marcia L. Peters

发明人： Christopher A.S. Gage ,  John R. Hind ,  Marcia L. Peters

IPC分类号： G06F15/16

CPC分类号： H04L29/06 ,  H04L67/1002 ,  H04L2029/06054

摘要： A method, system and program product are presented for enabling a session, as defined by a series of related transactions to perform a unit of work, to be created between a client and a particular server where the server is managed by a dispatcher. Modifications to the Uniform Resource Locator (URL) are used to create a method of transferring information form the client to the server. The server implements a server-side storage area (cookie jar) to temporarily store information about the client and the session so that the client is routed to the same server for successive messages in the same session and no reliance is made upon an ability by the client to store or return cookies.

摘要翻译： 提供了一种方法，系统和程序产品，用于使得由一系列相关事务定义的会话能够执行在客户端和服务器由调度程序管理的特定服务器之间创建的工作单元。 对统一资源定位符（URL）的修改用于创建从客户端向服务器传输信息的方法。 服务器实现服务器端存储区域（cookie jar）以临时存储有关客户端和会话的信息，以便客户端被路由到相同的服务器，用于同一会话中的连续消息，并且不依赖于 客户端存储或返回Cookie。

公开(公告)号：US07003584B1

公开(公告)日：2006-02-21

申请号：US09611158

申请日：2000-07-06

申请人： Richard A. Floyd ,  John R. Hind ,  Marcia L. Peters ,  Brad B. Topol

发明人： Richard A. Floyd ,  John R. Hind ,  Marcia L. Peters ,  Brad B. Topol

IPC分类号： G06F15/16

CPC分类号： H04L67/02 ,  H04L69/22

摘要： The present invention provides an apparatus and method for accessing request header information used to transcode servlet output. The apparatus and method of the present invention includes a preamble that stores request header information from a request sent by a client device. The request header information is then provided to the transcoder along with the generated content data. The transcoder then performs appropriate transcoding on the generated content data based on the request header information supplied by the preamble. The transcoded content data is then sent to the client device. In this way, the client device is able to obtain content from a much larger set of content sources than with conventional systems.

摘要翻译： 本发明提供一种用于访问用于对servlet输出进行转码的请求头信息的装置和方法。 本发明的装置和方法包括前导码，其存储来自客户端设备发送的请求的请求头信息。 然后将请求头信息与生成的内容数据一起提供给代码转换器。 然后，代码转换器基于由前导码提供的请求头信息对所生成的内容数据执行适当的代码转换。 然后将经代码转换的内容数据发送到客户端设备。 以这种方式，客户端设备能够从与传统系统相比更大的内容源集合获得内容。

公开(公告)号：US06968453B2

公开(公告)日：2005-11-22

申请号：US09761906

申请日：2001-01-17

申请人： Ronald P. Doyle ,  John R. Hind ,  Marcia L. Peters

发明人： Ronald P. Doyle ,  John R. Hind ,  Marcia L. Peters

IPC分类号： G06F21/00 ,  G07F7/10 ,  H04L9/00

CPC分类号： G07F7/1008 ,  G06F21/32 ,  G06F21/445 ,  G06F21/57 ,  G06F21/64 ,  G06Q20/341 ,  G06Q20/40145 ,  H04L63/08 ,  H04L2463/082

摘要： A method, system, computer program product, and method of doing business by providing a secure integrated device (such as a pervasive computing device) for which operating capabilities can be dynamically yet securely selected (including, but not limited to, pluggable connection of input/output devices and/or application processors that provide selected functions). Each input/output (I/O) device and application processor to be used is plugged in to a bus of a security core, and authenticates itself to the security core using public key infrastructure techniques, thereby creating a secure multi-function device. All of the multi-function device's input and output interactions with its environment necessarily traverse an I/O bus under the sole control of the security core. The only communication path between an application processor and the external environment (such as an I/O device) is through an application processor bus, which is likewise under control of the security core. Thus a user may dynamically yet securely select the capabilities of a multi-function device, and because each I/O device and application processor in use by that multi-function device is authenticated, the security of transactions or network services performed when using such devices is improved.

摘要翻译： 一种方法，系统，计算机程序产品和通过提供安全集成设备（例如普及计算设备）来进行业务的方法，对于该安全的集成设备，可以动态地安全地选择操作能力（包括但不限于输入的可插拔连接 /输出设备和/或提供所选功能的应用处理器）。 要使用的每个输入/输出（I / O）设备和应用处理器被插入安全核心的总线，并且使用公共密钥基础设施技术将其自身认证到安全核心，由此创建安全的多功能设备。 所有多功能设备与其环境的输入和输出交互必须在安全核心的唯一控制下遍历I / O总线。 应用处理器和外部环境（例如I / O设备）之间的唯一通信路径是通过应用处理器总线，其同样在安全核心的控制下。 因此，用户可以动态地安全地选择多功能设备的能力，并且由于该多功能设备使用的每个I / O设备和应用处理器被认证，所以在使用这些设备时执行的事务或网络服务的安全性 改进了

公开(公告)号：US06941459B1

公开(公告)日：2005-09-06

申请号：US09422431

申请日：1999-10-21

申请人： John R. Hind ,  Marcia L. Peters ,  Brad B. Topol

发明人： John R. Hind ,  Marcia L. Peters ,  Brad B. Topol

IPC分类号： G06F17/22 ,  G06F17/27

CPC分类号： G06F17/227 ,  G06Q20/3821 ,  G06Q20/3829 ,  H04L9/088 ,  H04L9/0894 ,  H04L2209/76

摘要： A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or “XSL”, processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or “XML”, document) carrying key-distribution material, such that by using an augmented document processor (e.g. an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.

摘要翻译： 一种用于使用样式表处理选择性地加密文档的一个或多个元素的方法，系统和计算机程序产品。 公开了一种策略驱动的增强样式表处理器（例如可扩展样式表语言或“XSL”处理器），其创建携带密钥分发材料的选择性加密的文档（例如可扩展标记语言或“XML”文档） ，使得通过使用增强的文档处理器（例如增强的XML处理引擎），代理人可以仅恢复其被授权的信息元素。 与文档相关联的文档类型定义（DTD）或模式被修改，使得DTD或模式指定对要应用于文档元素的存储的安全策略的引用。 每个文档元素可以指定不同的安全策略，使得可以不同地加密单个文档的不同元素（并且一些元素可以保持未加密）。 密钥分发材料使得文档被加密以供在文档创建时未知的受众解密，并且使得能够访问要为多个用户和/或用户组控制的单个加密文档的不同元素。 以这种方式，通过让更多的人更容易地访问他们获得授权的信息，同时保护敏感数据免受未经授权的代理人的改进，可以改善团队合作。 还定义了关键恢复技术，由此整个文档可以由授权代理进行解密，而不管不同元素最初被加密以及应用于这些元素的访问保护。

公开(公告)号：US06826690B1

公开(公告)日：2004-11-30

申请号：US09435417

申请日：1999-11-08

申请人： John R. Hind ,  Marcia L. Peters

发明人： John R. Hind ,  Marcia L. Peters

IPC分类号： H04L900

CPC分类号： H04L63/0823 ,  G06F21/31 ,  G06F2211/008 ,  G06F2211/1097 ,  H04L9/3265 ,  H04L9/3273 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0442 ,  H04L2209/60 ,  H04L2209/80

摘要： A device certificate identifies a particular device using a globally-unique device identifier and contains a public key associated therewith. A private key stored in protected storage of the device is used to digitally sign outbound messages, enabling communicating devices to authenticate one another using the associated device certificate and public key, before returning a response. Devices functioning as servers can thereby securely participate in dynamic, automatic address assignment services using a service such as a Boot Protocol or Dynamic Host Configuration Protocol, and/or to update address information stored in a Domain Name System (DNS) server, ensuring that the update is authentic, and when the DNS is also authenticated, ensuring that a legitimate DNS has been contacted.

摘要翻译： 设备证书使用全局唯一的设备标识符来标识特定设备，并且包含与其相关联的公钥。 存储在设备的受保护存储器中的私钥用于数字签名出站消息，使得在返回响应之前能够使用相关联的设备证书和公钥来使设备彼此认证。 可以使用诸如引导协议或动态主机配置协议的服务，和/或更新存储在域名系统（DNS）服务器中的地址信息来安全地参与服务器的动态，自动地址分配服务，从而确保 更新是真实的，并且当DNS也被认证时，确保已经联系了合法的DNS。

公开(公告)号：US5425021A

公开(公告)日：1995-06-13

申请号：US10136

申请日：1993-01-28

申请人： Jeffrey H. Derby ,  John E. Drake, Jr. ,  John G. Dudley ,  Roch Guerin ,  Marc A. Kaplan ,  Gerald A. Marin ,  Marcia L. Peters ,  Kenneth H. Potter, Jr.

发明人： Jeffrey H. Derby ,  John E. Drake, Jr. ,  John G. Dudley ,  Roch Guerin ,  Marc A. Kaplan ,  Gerald A. Marin ,  Marcia L. Peters ,  Kenneth H. Potter, Jr.

IPC分类号： H04L12/56 ,  H04Q11/04 ,  H04J3/24

CPC分类号： H04L49/25 ,  H04L49/102 ,  H04L49/107 ,  H04L49/1553 ,  H04L49/256 ,  H04Q11/0478 ,  H04L2012/5632 ,  H04L45/00 ,  H04L49/3009 ,  H04L49/555

摘要： Method and apparatus for making limited internal-node communication facilities externally visible in a packet switching network. Internal-node communication facilities are called intranode links, can include any cable, channel, bus, etc. over which data passes, and are used to connect the multiple subnodes within a given node. Each subnode contains a switching mechanism and routes packets to other nodes, subnodes, or user applications. Each node provides network control functions such as topology, directory, path selection, and bandwidth management which can manage intranode links in the same manner that internode links are currently managed.

摘要翻译： 用于在分组交换网络中使外部可见的有限的内部节点通信设备的方法和装置。 内部节点通信设施称为内部网络链路，可以包括数据通过的任何电缆，信道，总线等，并用于连接给定节点内的多个子节点。 每个子节点包含切换机制，并将数据包路由到其他节点，子节点或用户应用程序。 每个节点提供网络控制功能，例如拓扑，目录，路径选择和带宽管理，可以以与当前管理的节点链接相同的方式管理内部网络链路。